Hi,
On Jun 15, 2016, at 9:26 AM, Andre LaBranche <dre@apple.com> wrote:
On Jun 14, 2016, at 4:46 AM, Axel Rau <Axel.Rau@Chaos1.DE> wrote:
Shall I report a bug for this?
Yeah, looks like we don't accept tcps.
I tried the most naive thing I could think of, since I believe none of the parameters we pass down to pg8000 are TLS-aware - I think it's a negotiation that happens at connect time. Index: txdav/base/datastore/dbapiclient.py =================================================================== --- txdav/base/datastore/dbapiclient.py (revision 15694) +++ txdav/base/datastore/dbapiclient.py (working copy) @@ -218,7 +218,7 @@ else: self.port = None self.host = None - elif self.endpoint.startswith("tcp:"): + elif self.endpoint.startswith("tcp:") or self.endpoint.startswith("tcps:"): self.unixsocket = None self.host = self.endpoint[4:] if ":" in self.host: However in trying to test this, I realized that we don't build postgres with SSL support. When I added "--with-openssl" to the PG configure args (in bin/_build.sh), it blows up on me because my OS vendor totally doesn't ship openssl headers, and I'm not trying to solve that right now... but maybe I can get it going via Homebrew. In the mean time, feel free to try the above patch and let me know if it 'just works' :) -dre